cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
364
Views
0
Helpful
3
Replies
Highlighted
Beginner

Real world networka are so different! Simple question

Hi everyone! I've finally landed my first job as a network engineer in a small company. I can't understand one thing regarding the uplink. While I was preparing for CCNA the main connection to the internet was via the firewall. In almost every network I have here the Internet goes directly to the switch and then to the firewall. I totally don't understand this design concept. Could somebody explain it to me in depth? I am very curious. When I asked my colleague he said:"This is how the network was built in the past... but why? 

 

Thanks in advance,

Patryk

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
VIP Expert

Re: Real world networka are so different! Simple question

A possible reason, to support public/Internet accessible servers logically outside the interior network (i.e. might be totally outside or on a DMZ protected by the FW).

BTW, in the "real world", you often find networks far from what "the book" suggests. Sometimes that might be due to some special need (often a monetary limitation), sometimes due to "network engineers" not knowing best practices, sometimes due to "old" designs from earlier "best practices" never updated, etc.
3 REPLIES 3
VIP Expert

Re: Real world networka are so different! Simple question

A possible reason, to support public/Internet accessible servers logically outside the interior network (i.e. might be totally outside or on a DMZ protected by the FW).

BTW, in the "real world", you often find networks far from what "the book" suggests. Sometimes that might be due to some special need (often a monetary limitation), sometimes due to "network engineers" not knowing best practices, sometimes due to "old" designs from earlier "best practices" never updated, etc.
Rising star

Re: Real world networka are so different! Simple question

check more details of your topology.

It could simply be that the FW is not physically between the ISP and your network,  but logically

just like the "router on a stick" it can be a "firewall on a stick"

 

e.g. the ISP is connected to the switch, this connection is forwarded by a vlan to a subinterface on the FW as  outside link

same for inside vlan(s)

 

Beginner

Re: Real world networka are so different! Simple question

Thank you for your response. I think I get it now. Everyday something new comes up. Sorry for the delay in responding. 

 

KR,

Patryk

CreatePlease to create content
Content for Community-Ad